Vendor Risk Management Insights

Third parties are integral to the value chain—any given organization can have up to hundreds of vendors, depending on its size. Along with business process, IT bandwidth and application functionality, data also flows through that chain. While you can outsource systems and services, you cannot outsource your risk associated with that data and how it’s managed. Regulators have been consistently and clearly giving that message for years, in writing and in practice.

We are proud to announce an exclusive partnership with the FAIR Institute. Factor Analysis of Information Risk (FAIR) has emerged as the standard Value at Risk (VaR) framework for cybersecurity and operational risk. The FAIR Institute is a non-profit professional organization dedicated to advancing the discipline of measuring and managing information risk.